Hello again:
I was hoping someone might have an idea of how I could proceed with the httpd
failure that I am seeing.
As I said, I see nothing in the logs, and the only indication I have that
something is wrong is that httpd stops responding to requests.
At this point, I have added a cronjob of "rcctl restart httpd" to run every
couple of hours; but, it seems to me that my "solution" is not something that is
consistent with the quality/stability of OpenBSD.
If anyone has any suggestions on what I can do, or what information might be
helpful in identifying the issue, I would appreciate it.
Thanks
-----Original Message-----
Hello
On current:
OpenBSD 5.8-beta (GENERIC.MP) #1125: Fri Jul 3 20:54:45 MDT 2015
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
System using 2 aliases on one interface:
ifconfig em0
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:25:90:de:f8:67
priority: 0
groups: egress
media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause)
status: active
inet 10.0.28.129 netmask 0xffffff00 broadcast 10.0.28.255
inet 10.0.28.130 netmask 0xffffffff
inet 10.0.28.131 netmask 0xffffffff
HTTPD listening on all three IP's with different content:
cat /etc/httpd.conf
http_ip="10.0.28.129"
types {
include "/usr/share/misc/mime.types"
}
server "server1.tldn.com" {
listen on $http_ip port 80
connection max requests 100
root "/htdocs"
directory index index.html
block return 301 "https://server1.tldn.com$REQUEST_URI";
}
server "server1.tldn.com" {
listen on $http_ip tls port 443
tls certificate "/etc/ssl/server-129.crt"
tls key "/etc/ssl/private/server-129.key"
connection max requests 100
root "/htdocs"
directory index index.html
location "/cgi-bin/*" {
fastcgi
root "/"
}
}
server "server2.tldn.com" {
listen on 10.0.28.130 port 80
connection max requests 100
root "/htdocs-130"
directory index index.html
block return 301 "https://server2.tldn.com/default.html";
}
server "server2.tldn.com" {
listen on 10.0.28.130 tls port 443
tls certificate "/etc/ssl/server-130.crt"
tls key "/etc/ssl/private/server-130.key"
connection max requests 100
root "/htdocs-130"
directory index index.html
}
server "server3.tldn.com" {
listen on 10.0.28.131 port 80
connection max requests 100
root "/htdocs-131"
directory index index.html
block return 301 "https://server3.tldn.com/index.html";
}
server "server3.tldn.com" {
listen on 10.0.28.131 tls port 443
tls certificate "/etc/ssl/server-131.crt"
tls key "/etc/ssl/private/server-131.key"
connection max requests 100
root "/htdocs-131"
directory index index.html
}
The httpd daemon starts up without an issue and runs without a problem for a few
hours (I have not actually timed it, but it goes for about 6-8 hours), and then
just stops responding.
This is true on all three of the ip's that it is listening on; and whether or
not the original connection is to port 80 or 443.
The access log show all connections until (I presume) the daemon stops answering
connections.
I have tried combining all the ssl certs into one (with a lot of alternative
names), but that did not make a difference.
A simple "rcctl restart httpd" brings the server back up for a few hours.
I would be happy to investigate this more, but I don't know where to go.
Similarly, I don't know what other information I could provide to help diagnose
the problem.
Any help would be great.
Thanks - ted
[demime 1.01d removed an attachment of type application/x-pkcs7-signature which
had a name of smime.p7s]
